Security Basics mailing list archives

RE: learning sniffer skills

From: "Matt Arntsen" <Matt.Arntsen () FranklinCovey com>
Date: Fri, 10 Dec 2004 10:50:18 -0700

In addition, you can try this:

tcpdump -i "interface name" -s 1518 -lenvv host "whatever host" and port 110 -w /tmp/"file name"



-----Original Message-----
From: Matias Rollan [mailto:matias () safesource com ar] 
Sent: Thursday, December 09, 2004 3:32 PM
To: security-basics () securityfocus com
Subject: Re: learning sniffer skills

Hola !

Im trying read with tcpdump or snort the mail messages downloaded by
pop3.  But can see the message content.    How can "assembly" the
message readed with the sniffer?


        I think you are trying to do something like this:

        tcpdump -s 2000 port 110 -w /tmp/data-to-port-110

        And to see the binary log:

        strings /tmp/data-to-port-110

        Saludos !

-- 
  Matías Rollán
  <cygar () safesource com ar>

Current thread:

learning sniffer skills Carlos Mario Mora (c4y0) (Dec 09)
- Re: learning sniffer skills Jon Lawhead (Dec 10)
- Re: learning sniffer skills Matias Rollan (Dec 10)
- Re: learning sniffer skills Florian Streck (Dec 10)
- Re: learning sniffer skills Alexander Klimov (Dec 10)
- <Possible follow-ups>
- RE: learning sniffer skills Beauford, Jason (Dec 10)
- RE: learning sniffer skills Matt Arntsen (Dec 10)
  - Re: learning sniffer skills Alvin Oga (Dec 13)